Job description

Senior IT Systems Validation Manager

Conshohocken, Pennsylvania, United States

Join a pioneering biotech with a collegial atmosphere and a passion for harnessing every individual’s unique set of skills in our fight against disease.

At Immunocore, we have a vision to transform the way we understand and treat the most challenging medical conditions of our time, including cancer, autoimmune disorders and infection. In January 2022, in the U.S., we launched the world’s first T-cell receptor therapy, built on a novel technology designed to overcome the limitations of our natural immune systems.

Joining us at the most exciting time in our history, you will be part of a team that values trust and innovation, and that cherishes different ways of thinking.

The Role:

The IT Compliance Manager's role is to assess and oversee all technology-related compliance issues across the organization, including GxP compliance, information security, privacy and operational support processes including but not limited to IT Change Management, business continuity, identity management, user access and data integrity. This includes providing objective risk assessments of the company's compliance with regulatory, organizational and commercial requirements governing the organization's information technology systems. In addition, GDPR activities such as Breaches, SARs, DPIAs and the Sarbanes-Oxley (SOX) requirements for Information Technology General Controls (ITGCs) are also the responsibility of the IT Compliance Manager.

The IT Compliance Manager will also be engaged in updates to policies, procedures and controls to ensure that the organization's practices remain compliant with all pertinent local, state/province/county/federal/national laws and industry standards. The IT Compliance Manager will work with the Director, IT Compliance to ensure organizational alignment with non-IT functions such as Legal, Procurement and Quality Assurance.

Responsibilities:

Regulatory Compliance Activities

  • Accountable for Computer Systems Validation process and documentation to ensure compliance with regulatory frameworks throughout the IT asset lifecycle for regulated systems.
  • Oversee the monitoring and periodic review of systems to ensure continuous compliance.
  • Conduct necessary IT compliance control monitoring and testing activities to determine the effectiveness of the controls.
  • Remediate IT compliance control deficiencies.
  • Investigation and documentation of any incidents, breaches or unlawful activity related to IT compliance, such as the intentional release of privileged information or a related security breach.
  • Actively support upkeep and maintenance of IT compliance policies, based on any relevant regulatory changes or new laws.
  • Partner closely with Quality Assurance function to identify all IT compliance requirements (i.e. security, user access, privacy, data integrity, etc.) associated with the laws and regulations within all relevant jurisdictions.

GDPR and Privacy Activities

  • Guide third-party stakeholders (including business partners, suppliers, service providers and IT product vendors) to ensure that they clearly understand and comply with Immunocore's privacy requirements.
  • Support Immunocore’s GDPR requirements for DPIA, SARs, Breaches and Article 30.

General Compliance Activities

  • Manage and update the Enterprise Risk Management log, addressing risks by initiating and overseeing appropriate mitigation projects. Experience with managing issues, incidents, CAPAs and deviations.
  • Report the levels of IT compliance risk and control effectiveness to key stakeholders such as IT-business unit management, senior management, board of directors, legal management, regulators, internal/external auditors, etc.
  • Lead the enterprise's response to privacy-related emergencies and other potentially damaging events.
  • Create an IT compliance training and awareness program that periodically educates the requisite end-user community on the relevant IT compliance requirements and certifies their adherence to the relevant IT compliance controls.
  • Monitoring of ITGCs compliance for SOX requirements.
  • Reporting of ITGCs compliance for SOX.
  • Supporting internal and external SOX audits.

Commercial Compliance Activities

  • Ensure IT compliance and data protection requirements are effectively represented in contracts for IT products and services.
  • Ability to review and assess adequacy of suppliers based on industry standard certification or report from IT suppliers in line with the company QMS (e.g., ISO 27001, Service Organization Control Reports, PCI DSS, GDPR, GxP, EMA Annex 11, MHRA GCP, HIPAA, SOX, etc.).

Organizational Compliance Activities

  • Identify any gaps between the desired level of compliance and the current level of maturity.
  • Implement the required IT compliance policies and controls to meet the desired level of compliance maturity reflected in each standard or framework.
  • Participate in and contribute to wider organizational initiatives focussed on improvement of compliance standards and practices as well as to promote awareness and education.

Qualifications: 

Essential

  • Minimum 5 years' experience working in the life sciences / pharmaceutical industry.
  • Direct experience with Health authority audits against IT controls in the life sciences / pharmaceutical industry.
  • Significant and demonstrable experience in: Annex 11; FDA 21 CFR Part 11; GxP / GAMP 5.
  • Demonstrable experience in development of processes and procedures (SOPs).
  • Must possess the ability to make quick decisions needed to thrive in a challenging and fast-paced environment.
  • Demonstrably effective at handling multiple simultaneous tasks, with associated & changing deadlines.
  • Must be able to communicate clearly and effectively to achieve desired outcomes.
  • Demonstrable ability to build trusted working relationships with colleagues and stakeholders across various organizational functions.
  • Ability to set and manage priorities judiciously.
  • Ability to present ideas in business-friendly and user-friendly language.
  • Exceptionally self-motivated, directed and detail-oriented.
  • At critical project times the role holder may be required to work irregular hours or out of hours depending on the agreed project schedule and deliverables.
  • The role will be required to travel nationally and internationally on an irregular basis.

Desirable

  • Membership of appropriate industry bodies supporting IT compliance and validation in the life sciences / pharmaceutical industry.
  • Certification in national, state or provincial information technology laws and regulations, such as GDPR; HIPAA; SOX; RIPA; CAN-SPAM; HTA; ISO 27000.
  • Excellent knowledge of technology environments, including information security, encryption methods and privacy-based solutions.
  • Knowledge of project and program management, business case development, budgeting and financials.
  • Demonstrated understanding of data processing, hardware platforms, enterprise software applications and outsourced systems, including: supply chain planning & visibility; data warehousing / business intelligence; and regular IT operations.
  • Understanding of computer systems and integration capabilities.

Education:

  • Undergraduate degree in computer science or business administration; graduate degree in one of these fields or strong employment-based experience.
  • Industry-related compliance, information security or business continuity management certification or previous employment-based experience preferred.
  • Life sciences quality-related certification/qualification from ISPE, ASQ or other.
  • Exposure to or awareness of quality management processes such as ISO9001 and ISO27001.
  • Systems and/or auditing-related certifications or qualifications such as IAA or ISACA.

Lead with Science and Discover What is Within:

  • We value Entrepreneurship and Diversity
  • Respect, Trust, and Integrity
  • Competitive compensation
  • Medical benefits, beginning your first day of employment
  • Vision benefits
  • Fully paid Dental Insurance
  • 20 days’ vacation plus holidays
  • Fully paid Life Insurance and Disability
  • 401(k) with Company Match

Candidates must be eligible to work in the U.S. without company sponsorship, now or in the future, for employment-based work authorization. F-1 visa holders with Optional Practical Training (OPT) who will require H-1B status, TNs or current H-1B visa holders will not be considered. H-1B and green card sponsorship is not available for this position.

Immunocore is an E-Verify employer.  

Applicants have rights under Federal Employment Laws:

Family and Medical Leave Act

Equal Employment Opportunity Commission

Employee Polygraph Protection Act

Uniformed Services Employment and Reemployment Rights Act (USERRA)

Right to work

EEO is the Law Supplement

Pay Transparency

 
